ab9182d5cf659c7e4f7f6f27a1f1ab98_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab9182d5cf659c7e4f7f6f27a1f1ab98_JaffaCakes118
Size

6KB
MD5

ab9182d5cf659c7e4f7f6f27a1f1ab98
SHA1

a9d87d431f2c38f1716e394f3e46be7c8a0cc691
SHA256

e9525bdcc9ca899a4bfdcfa47cf43765b24f279c898268f135c04a0d740bd966
SHA512

a1900d37a10581438358357f7b885aae883b601fa18f09a5b37c7ab955b752a830829c7119e85122ab938cfd570a11bc7f56d253488f6c353fec294edec3e9b5
SSDEEP

96:wBPzkDsD3Sx7iGE1ax/v/QeM3fFKdja91cCyPsZ+t7/K4hd89n/:w5elGfFKdK8P6+t7789n/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab9182d5cf659c7e4f7f6f27a1f1ab98_JaffaCakes118

Files

ab9182d5cf659c7e4f7f6f27a1f1ab98_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e5aa3acf6d26752f9a201c8af06c853b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
CloseHandle
lstrcpyA
GetProcAddress
lstrcatA
WaitForSingleObject
CompareStringA
ExitProcess
GetModuleHandleA
CreateEventA
LoadLibraryA
Process32First
CreateToolhelp32Snapshot
RtlUnwind

user32

EndPaint
ShowWindow

advapi32

RegCloseKey

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 862B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 388B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE